10 Reasons Why Micro-Segmentation and Clouds are Not Secure

Presented by

Predrag "Pez" Zivic, CISSP

About this talk

Micro-segmentation and cloud architectures decrease threat landscape by design. However, this smaller threat surface creates a false sense of good security. This presentation will clearly demonstrate 10 security controls that are missing in such architectures. Standard private (OpenStack and NSX) and public cloud architectures (AWS and Azure) with micro-segmentation will be presented and analyzed for 10 security controls that are missing. They include identification, authentication, authorization, vulnerability, anti-virus, advance persistence threat detection, denial of service and data protection, visibility with analytics and security system automation. Attendees will learn how to add these 10 controls to micro-segmentation to architect strong security. We'll show how the implementation of most of these controls may be used to set a foundation for zero-trust model implementation. Learning Objectives: • Learn what security controls are missing in micro-segmentation in private and public cloud implementations • Learn how to go about implementing 10 security controls presented • Learn how to use these 10 security controls to set a foundation for zero-trust implementation

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (107)
Subscribers (21040)
(ISC)² Security Congress channel contains digital content of activities at (ISC)2's Flagship conference event. You'll find keynotes, sessions and related items.